(RHSA-2015:2666) Important: Red Hat OpenShift Enterprise 2.2.8 security, bug fix, and enhancement update

2015-12-1700:00:00

access.redhat.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

67.7%

JSON

OpenShift Enterprise by Red Hat is the company’s cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or
private cloud deployments.

The following security issue is addressed with this release:

An implementation error related to the memory management of request
and responses was found within HAProxy’s buffer_slow_realign()
function. An unauthenticated remote attacker could use this flaw
to leak certain memory buffer contents from a past request or
session. (CVE-2015-3281)

Space precludes documenting all of the bug fixes in this advisory. See
the OpenShift Enterprise Technical Notes, which will be updated
shortly for release 2.2.8, for details about these changes:

https://access.redhat.com/documentation/en-US/OpenShift_Enterprise/2/html-single/Technical_Notes/index.html

All OpenShift Enterprise 2 users are advised to upgrade to these updated
packages.

OSVersionArchitecturePackageVersionFilename
RedHat6srcopenshift-origin-cartridge-python< 1.34.1.1-1.el6opopenshift-origin-cartridge-python-1.34.1.1-1.el6op.src.rpm
RedHat6noarchrubygem-openshift-origin-routing-daemon< 0.26.4.4-1.el6oprubygem-openshift-origin-routing-daemon-0.26.4.4-1.el6op.noarch.rpm
RedHat6srcopenshift-origin-cartridge-haproxy< 1.31.4.1-1.el6opopenshift-origin-cartridge-haproxy-1.31.4.1-1.el6op.src.rpm
RedHat6noarchopenshift-origin-cartridge-haproxy< 1.31.4.1-1.el6opopenshift-origin-cartridge-haproxy-1.31.4.1-1.el6op.noarch.rpm
RedHat6x86_64haproxy15side-debuginfo< 1.5.4-2.el6ophaproxy15side-debuginfo-1.5.4-2.el6op.x86_64.rpm
RedHat6x86_64haproxy15side< 1.5.4-2.el6ophaproxy15side-1.5.4-2.el6op.x86_64.rpm
RedHat6noarchopenshift-origin-cartridge-python< 1.34.1.1-1.el6opopenshift-origin-cartridge-python-1.34.1.1-1.el6op.noarch.rpm
RedHat6srcopenshift-enterprise-upgrade< 2.2.8-1.el6opopenshift-enterprise-upgrade-2.2.8-1.el6op.src.rpm
RedHat6noarchopenshift-origin-broker-util< 1.37.4.2-1.el6opopenshift-origin-broker-util-1.37.4.2-1.el6op.noarch.rpm
RedHat6noarchopenshift-enterprise-upgrade-broker< 2.2.8-1.el6opopenshift-enterprise-upgrade-broker-2.2.8-1.el6op.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	6	src	openshift-origin-cartridge-python	< 1.34.1.1-1.el6op	openshift-origin-cartridge-python-1.34.1.1-1.el6op.src.rpm
RedHat	6	noarch	rubygem-openshift-origin-routing-daemon	< 0.26.4.4-1.el6op	rubygem-openshift-origin-routing-daemon-0.26.4.4-1.el6op.noarch.rpm
RedHat	6	src	openshift-origin-cartridge-haproxy	< 1.31.4.1-1.el6op	openshift-origin-cartridge-haproxy-1.31.4.1-1.el6op.src.rpm
RedHat	6	noarch	openshift-origin-cartridge-haproxy	< 1.31.4.1-1.el6op	openshift-origin-cartridge-haproxy-1.31.4.1-1.el6op.noarch.rpm
RedHat	6	x86_64	haproxy15side-debuginfo	< 1.5.4-2.el6op	haproxy15side-debuginfo-1.5.4-2.el6op.x86_64.rpm
RedHat	6	x86_64	haproxy15side	< 1.5.4-2.el6op	haproxy15side-1.5.4-2.el6op.x86_64.rpm
RedHat	6	noarch	openshift-origin-cartridge-python	< 1.34.1.1-1.el6op	openshift-origin-cartridge-python-1.34.1.1-1.el6op.noarch.rpm
RedHat	6	src	openshift-enterprise-upgrade	< 2.2.8-1.el6op	openshift-enterprise-upgrade-2.2.8-1.el6op.src.rpm
RedHat	6	noarch	openshift-origin-broker-util	< 1.37.4.2-1.el6op	openshift-origin-broker-util-1.37.4.2-1.el6op.noarch.rpm
RedHat	6	noarch	openshift-enterprise-upgrade-broker	< 2.2.8-1.el6op	openshift-enterprise-upgrade-broker-2.2.8-1.el6op.noarch.rpm